The COVID-19 pandemic has had a huge impact on global economies over the past two years, and now – with the end somewhat in sight – governments are looking for ways to stimulate their local economies and speed up recovery.
One common strategy deployed by governments worldwide is to increase infrastructure spending. The United States, for example, recently passed the Bipartisan Infrastructure Deal (Infrastructure Investment and Jobs Act), which promises a once-in-a-generation $1 trillion investment into the country’s critical infrastructure. Similar projects are being announced worldwide, with the aim of kick-starting economies after a long COVID slump.
The coronavirus pandemic presented an opportunity for countries to invest in smart technologies, artificial intelligence (AI), and 5G networks, with the idea of cities developing data-driven and connected infrastructure. We saw that come into fruition, with cities worldwide investing in contact tracing wearables and apps, open data platforms, and crowd analytics to fight the pandemic.
Frost & Sullivan said that smart cities will create business opportunities worth $2.46 trillion by 2025, with more than 70% of global smart city spending by 2030 coming from the United States, Western Europe, and China. Post-pandemic, investments are expected to land in smart projects like smart grids, intelligent traffic management, autonomous vehicles, autonomous drones, smart lighting, e-governance services, and data-enabled public safety and security.
These developments are important, but, like all tech-driven innovation, they come with a wide range of exposures. In particular, they provide new gateways for cyber criminals to disrupt, attack, and extort.
Look at electric vehicles (EVs) as an example. They’ve exploded in popularity in recent years – and this will likely continue while the price of gas remains astronomical amid the Russia-Ukraine war – but internet-connected vehicles and their supporting EV charging stations are vulnerable to cyber risk, including technology failures and malicious attacks carried out by bad actors.
So far, cyber exposures related to EVs have been in the hands of researchers, analysts, and white hat hackers, who have proven the risks through controlled testing. The same can be said for other smart city infrastructure like smart grids and smart lighting. But with the right motivation, bad actors could soon start targeting this new technology.
Just a few weeks ago, there were reports of EV charging stations on a Russian motorway being hacked and disabled by a Ukrainian company, and then made to display anti-Putin messages. The motivation of the hackers was not financial; it was to undermine and antagonize the Putin regime.
But as cities invest in connected technology and digital infrastructure, the financial motivation for bad actors will grow. What’s to stop a group of hackers from freezing a smart grid and demanding a huge ransom in order to get that grid back online and the city up and running?
What if a bad actor hacks into a city’s smart lighting infrastructure, throws the city into darkness, and causes a string of traffic-pedestrian collisions? What if a cybercriminal infiltrates crowd analytics software or other contact tracing tools used to direct emergency services? What if a city’s autonomous drones are hacked and disabled mid-flight, and they crash on unsuspecting pedestrians or properties below?
This doesn’t just relate to smart city technology. There are also commercial uses for a lot of these smart tools. For example, there’s great demand for EVs, autonomous vehicles and autonomous drones in last-mile delivery of retail goods. If the financial motivation is there (e.g. the autonomous fleet and their delivery demands are sizeable) then hackers potentially have a lot of leverage to use during a ransomware attack.
The ‘what ifs’ of our digital-first future are endless, and while they might seem like sci-fi movie scenarios today, these are questions that need asking. I believe the insurance industry is well-positioned to respond as a thought-leader on these topics, and that insurers will have a huge role to play over the next few years in explaining and mitigating the risks.
This is good news for insurers. While new technology brings new risks, it also enables the industry to position itself on the cusp of innovation. As our cities, our businesses, and our homes transform, the insurance industry should be right at the centre of those transformations as a primary change enabler.
Getting out ahead, asking the ‘what ifs,’ and providing early solutions for emerging risks will put the insurance industry in prime position as countries build their way out of the COVID-19 pandemic.